Revision history [back]

click to hide/show revision 1
initial version

Figured it out, thanks to Bernd Bausch I started poking around with [keystone_authtoken] and it appears that for every config file that has [keystone_authtoken], I needed to add the following:

cafile = /etc/pki/tls/certs/gd_bundle-g2-g1.crt # <= added
auth_port = 35357 # <= added
auth_protocol = https # <= added
auth_host = controller00.critical-sec.com # <= added
auth_uri = https://host.domain.com:5000/v3 # <= added /v3
auth_url = https://host.domain.com:35357/v3 # <= added /v3

Not 100% sure auth_port, auth_protocol or auth_host matter too much, but adding /v3 and cafile was absolutely needed.

Figured it out, thanks out. Thanks to Bernd Bausch , I started poking around with [keystone_authtoken] and it appears that for every config file that has [keystone_authtoken], I needed had to add the following:

cafile = /etc/pki/tls/certs/gd_bundle-g2-g1.crt # <= added
auth_port = 35357 # <= added
auth_protocol = https # <= added
auth_host = controller00.critical-sec.com # <= added
auth_uri = https://host.domain.com:5000/v3 # <= added /v3
auth_url = https://host.domain.com:35357/v3 # <= added /v3

Not 100% sure auth_port, auth_protocol or auth_host matter too much, but adding /v3 and cafile was absolutely needed.